High severity · 8.7 · NVD Advisory · Published Apr 22, 2026 · Updated Apr 22, 2026
CVE-2026-41468
Description
Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life release that still ships the AngularJS expression sandbox, for which public escape primitives exist. Combined with a template injection flaw in the same application, these primitives let an attacker break out of the sandbox and execute arbitrary JavaScript in an operator's browser session, enabling session hijacking, DOM manipulation and persistent browser compromise. Because the product is deployed over plaintext HTTP in some installations, a network-adjacent attacker on the path can deliver the complete injection-and-escape chain by tampering with responses (MITM), without active user interaction.
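The advisory combines three conditions: an AngularJS build old enough to carry the expression sandbox, attacker-influenced text reaching an interpolated region of the page, and a plaintext-HTTP deployment that lets an on-path attacker rewrite responses. The script below is an added example, not code from the advisory, NVD or Beghelli: given a served HTML document and the URL it was fetched from, it fingerprints the AngularJS version, flags pre-1.6 (sandboxed, end-of-life) builds, checks whether an echoed value with `{{` lands inside the `ng-app` subtree unescaped, and reports plaintext transport. The HTML, the script path, the app name and the echoed device name are constructed for the example and are not SicuroWeb's; the `ng-non-bindable` opt-out is deliberately not modelled.

```javascript
// Added example: fingerprint an AngularJS deployment for the conditions the
// advisory describes. Sample HTML is constructed, not captured from SicuroWeb.
const SAMPLE_HTML = `<!DOCTYPE html>
<html ng-app="sicuroApp">
<head>
  <script src="/static/lib/angular-1.5.2.min.js"></script>
</head>
<body>
  <!-- device name echoed by the server into the page; constructed for this example -->
  <div ng-controller="DeviceCtrl">
    <p>Device: UPS-7 {{7*7}}</p>
    <p>Operator: {{session.user}}</p>
  </div>
</body>
</html>`;

// AngularJS removed its expression sandbox in 1.6.0. Every 1.x build before
// that ships a sandbox with published escapes, and all of AngularJS 1.x has
// been end-of-life since December 2021.
const SANDBOX_REMOVED_IN = [1, 6, 0];

// Where a version string usually shows up in served HTML.
const VERSION_PATTERNS = [
  /angularjs\/(\d+\.\d+\.\d+)\//gi,             // CDN path: .../angularjs/1.5.2/angular.min.js
  /angular[-.](\d+\.\d+\.\d+)(?:\.min)?\.js/gi, // bundled file: angular-1.5.2.min.js
  /AngularJS v(\d+\.\d+\.\d+)/g,                // banner comment at the top of the library
];

function parseVersion(s) {
  return s.split('.').map(Number);
}

// true if a < b, comparing major.minor.patch numerically
function versionLess(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i];
  }
  return false;
}

function findAngularVersions(html) {
  const found = new Set();
  for (const re of VERSION_PATTERNS) {
    re.lastIndex = 0;
    let m;
    while ((m = re.exec(html)) !== null) found.add(m[1]);
  }
  return [...found];
}

// An echoed value reaches the AngularJS compiler when it sits inside the
// ng-app subtree and still contains the interpolation braces. HTML-escaping
// '<' does not help: {{ }} is interpolated from plain text nodes.
function reflectedIntoInterpolation(html, echoed) {
  const appSubtree = html.match(/<[^>]*\bng-app\b[\s\S]*$/i);
  if (!appSubtree) return false;
  return echoed.includes('{{') && appSubtree[0].includes(echoed);
}

function assess(html, pageUrl) {
  const versions = findAngularVersions(html);
  const sandboxed = versions.some(v => versionLess(parseVersion(v), SANDBOX_REMOVED_IN));
  const plaintext = new URL(pageUrl).protocol === 'http:';
  const usesAngular = /\bng-app\b/i.test(html);
  const findings = [];
  if (sandboxed) {
    findings.push(`AngularJS ${versions.join(', ')}: pre-1.6 build, expression sandbox present (EOL, known escapes)`);
  }
  if (plaintext) {
    findings.push('served over plaintext HTTP: an on-path attacker can rewrite responses');
  }
  return { versions, usesAngular, sandboxed, plaintext, findings };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(assess(SAMPLE_HTML, 'http://sicuroweb.example/'));
  console.log('echoed {{7*7}} reaches the compiler:',
    reflectedIntoInterpolation(SAMPLE_HTML, '{{7*7}}'));
}
```

Run it against a saved copy of the login or dashboard page; a hit on both `sandboxed` and `plaintext` is the combination the advisory rates as exploitable without user interaction, and the version check alone is enough to prioritise an upgrade, since no 1.x release is maintained.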
Patches
No patches discovered yet.
References
- github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-POC.py
- github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-SicuroWeb-ATI-chain.txt
- www.beghelli.it
- www.boffsec-services.com/posts/sicuroweb-cve-2026-22191/
- www.vulncheck.com/advisories/beghelli-sicuro24-sicuroweb-angularjs-sandbox-escape-via-template-injection